Exposing The SourMint Scandal With Danny Grander

In episode 81 of The Secure Developer, Guy Podjarny is joined by Danny Grander, Co-founder and Chief Security Officer at Snyk, to discuss SourMint - a malicious SDK that has been integrated into popular apps, seeing a total of 1.2 billion downloads per month. This was before it was exposed by the Snyk research team! Here, we summarize the scandal and unpack exactly what SourMint is, with details on how it tracks Android and iOS user behaviour while allowing for remote command execution. Guy and Danny also reflect on the challenge of protecting people who are using old versions of apps that still have malicious SDK integrated into them.

Om Podcasten

Securing the future of DevOps and AI: real talk with industry leaders.